Locky Ransomware Returns as Ykcol

Locky Encrypts Files Leaving a .Ykcol Extension A new Locky variant has been released into the wild and upon initial review it led researchers to a believe it was a new strain entirely, called Ykcol.  However, after additional review, experts have confirmed Ykcol is another version of Locky. The email subject line has been confirmed […]

1,310 total views, no views today

Continue reading

Locky malware being distributed via 7z/script

A week ago, Lawrence Abrams at Bleeping Computer wrote about Locky ransomware now taking a 7z form. The PC Matic Research Team has seen this new form of Locky this past week. Like many other variants of Locky, the core components which make up the binary are very similar except for the encrypted file extension […]

1,089 total views, no views today

Continue reading

And You Thought WannaCry and NotPetya Were Bad…

Money Wasn’t Their End-Game… Combined, WannaCry and NotPetya, the two global attacks that hit the world in the last 90 days, received payouts of approximately $150,000 USD.  To some it may sound like a lot – but to cyber criminals, that’s nothing.  WannaCry and NotPetya were not in corrupting company data with the end goal […]

1,608 total views, no views today

Continue reading

Locky Ransomware Variant Returns with a Vengeance

Old Ransomware Returns with A Bang Many reports have reported 2016 as the year of ransomware.  This can much attributed to the ransomware variant, Locky.  However, in 2017, Locky ransomware has been on somewhat of a hiatus.  This lead to another ransomware variant, Cerber, becoming the most popular ransomware of 2017. However, it appears Locky […]

1,654 total views, no views today

Continue reading

New Locky Ransomware Campaign Sends 14M Emails In Five Hours

14M Emails Infected With Locky Ransomware Another ransomware campaign was sent out on October 24th, distributing 14 million emails with Locky ransomware attached.  The email included a “complaint letter”, which of course was really ransomware.  Upon opening the attachment, the ransomware went to work encrypting user’s files.  The typical ransom demand made with Locky infections […]

896 total views, no views today

Continue reading

Actors behind Dridex launch another spam campaign, delivering Locky Ransomware

Recent reports have indicated that the actors behind Dridex, originally a banking Trojan distributor, have switched tactics, and are now heavily pushing out a new ransomware called Locky. The current method of distribution is via a spam email, which contains a Word document. Additional reports have stated that it is being distributed via the Neutrino […]

673 total views, no views today

Continue reading